Syntax
pmkey -v -a <keyfile> [ [-l | -r | -i <keyfile>] [-p <passphrase>] [-f]]
Description
Use the pmkey command to generate and install configurable certificates.
In order for a policy evaluation request to run, keys must be installed on all hosts involved in the request. The keyfile must be owned by root and have permissions set so only root can read or write the keyfile.
Options
pmkey has the following options.
Option | Description |
---|---|
-a <keyfile> | Creates an authentication certificate. |
-i <keyfile> | Installs an authentication certificate. |
-l |
Creates and installs a local authentication certificate to this file: /etc/opt/quest/qpm4u/.qpm4u/.keyfiles/key_localhost This is equivalent to running the following two commands:
|
-f | Forces the operation. For example:
|
-p <passphrase> |
Passes the passphrase on the command line for the -a or -l option. If not specified, pmkey prompts the user for a passphrase. |
-r |
Installs all remote keys that have been copied to this directory: /etc/opt/quest/qpm4u/.qpm4u/.keyfiles/key_<hostname> This provides a quick way to install multiple remote keys. |
-v | Displays the Safeguard version and exits. |
Examples
The following command generates a new certificate, and puts it into the specified file:
pmkey -a <filename>
The following command installs the newly generated certificate from the specified file:
pmkey -i <filename>